winpkfilter in client side

Apr 19, 2013 at 1:40 PM
Edited Apr 19, 2013 at 1:40 PM
hi
is it possible to force client side use winpkfilter in windows7 or 8, i already change it in BarbaTunel.ini but it seems was not changed.
Coordinator
Apr 19, 2013 at 2:06 PM
Hi
Set FilterDriver=WinpkFilter
it should work, don't work to restart BarbaTunnel after changing any config.
If it does not effect it mean BarbaService run another copy of BarbaTunnel in another location of your disk.
Regards
Apr 19, 2013 at 2:29 PM
Edited Apr 19, 2013 at 2:30 PM
ok, thx it changed but the new problem :D:

windows 8 x64, WinpkFilter 3.12

Barba Client Started...
Version: 6.4
FilterDriver: WinpkFilter
Adapter: Ethernet
Ready!
Error: Invalid packet received and dropped!
Error: Invalid packet received and dropped!
Error: Invalid packet received and dropped!
Coordinator
Apr 19, 2013 at 2:43 PM
I don't know,
1) try increase MTU decrements from barbatunnel.ini in both side, not more than 50!
2) try using HTTP-Tunnel
Regards
Apr 21, 2013 at 1:12 PM
I think the problem caused by definition of INTERMEDIATE_BUFFER structure. It was changed for version 3.1.0 and was changed again for version 3.1.2. You need to recompile BarbaTunnel with WinpkFilter 3.1.2 headers to fix the issue. Hopefully I won't have to change this structure format in the future, several reserved bytes were also added for possible future extensions.
Coordinator
Apr 21, 2013 at 1:39 PM
I will look at it.
Apr 23, 2013 at 12:59 PM
i did it, but it still doesn't work. i review the source and i think there is some problem in this part:

in WinpkFilterDriver.cpp u use this :
    SetEthPacket((ether_header_ptr)packet, bufferLen);
and in WinDivertFilterDriver.cpp u use this:
    SetIpPacket(ipHeader, bufferLen);
this is ok, but i can't understand this part:

PacketHelper::IsValidChecksum has 2 condition, IsIp() is always false when we use WinpkFilter becuse it check IpHeader
bool IsIp() { return ipHeader!=NULL;}
u set the IpHeader in SetIpPacket but in SetEthPacket u only set the ethHeader. can u help me to understand this part of code?
Coordinator
Apr 23, 2013 at 1:22 PM
Edited May 14, 2013 at 4:00 PM
Hi
  • PacketHelper is just helper utility class and isolated from other part of codes.
  • Packet can be an IP packet or non IP packet such as simple Ethernet packet for other protocol in data-link layer. it mean some packet does not have ipheader.
  • All Packets have Ethernet Packet at head and an Ethernet packet can be IpPacket too but it is not mandatory.
  • WinPKFilter capture packets at "Network data-link layer" but WinDivert work at "Network Transport Layer", it mean packet captured by WinPkFilter always smaller than 1500 byte and may not be IP packet but WinDivert packet should always have IpHeader and it may be 64Kbytes.
If you check PacketHelper::SetEthPacket you can see it call PacketHelper::ReInit and Reinit will set ipHeader if the Ethernet packet has ipHeader, It mean IsIp() is not always false in WinpkFilter due to PacketHelper::ReInit.

I implemented PacketHelper::IsValidChecksum just for IP protocols and BarbaTunnel just work with IP packets so it simply ignore all other non IP packets.

Cheers
Apr 23, 2013 at 2:34 PM
Edited Apr 23, 2013 at 2:34 PM
yes in Reinit there is a condition:
if (ntohs(ethHeader->h_proto)==ETH_P_IP)
        ipHeader = (iphdr*)(ethHeader + 1);
when i debug it none of packets h_pro has 0x0800 value, the values are 0 or 13312 or 12288 and that's why ipheader is always nulll, what did u think?
Coordinator
Apr 23, 2013 at 3:06 PM
Maybe all IP packets filtered by driver and never reach barbatunnel via barbatunnel filter definition.
As you see SerpentFly report an issue and it look I should recompile BarbaTunnel with new WinPKFilter header file.
I working on new version of BarbaTunnel and will release it in future.
Regards
Apr 23, 2013 at 3:18 PM
actually i have free time and i was here if u need more hand
Coordinator
Apr 23, 2013 at 3:41 PM
@cyberwolf
You are so welcome. I really need someone to help me to develop it for android devices.
Let me know if you can do anything on it.
Cheers
Apr 23, 2013 at 5:12 PM
unfortunately i'm .net developer and also have some C++ experience
May 13, 2013 at 6:37 AM
Hello there,

@BarbaCoder
Please upload the winpkFilter that you compile your software with.

Also I'm working on winDivert problems. I will keep you updated

Regards.
May 13, 2013 at 9:36 AM
I did,
You can download WinpkFilter 3.1.1 (which is works) from below:
https://www.dropbox.com/s/czmufy1k65u754s/winpkflt_rtl_3.1.1.zip
Coordinator
May 13, 2013 at 9:41 AM
By the way i hope to release new version sooner so it will work with new version of WinPkFilter.
Cheers
Coordinator
May 23, 2013 at 8:40 PM
I publish version 7.0 and compile it with new WinPkFilter.
Regards